The mobile phone is ubiquitous today. Smartphones and tablets now find themselves in the hands of over 4 billion people around the world. In the U.S alone, over 55% of Americans now own mobile phones. It’s a fact that mobiles, smartphones, and tablets allow users to work better and almost anytime, anywhere.
The risks, however, are increasingly imminent with this very blessing. Data loss, data theft, data pilferage, lost mobile phones, and now the increasingly popular BYOD where employees seek to get their own devices to access data, deliver work, etc.
A Ponemon Institute study predicts that on an average, the total cost of a data breach increased to at least US$7.2 million with every data record loss attributing to a value of US $204 – and that was in the year, 2009. Further, this data is only for U.S based companies across 15 industrial sectors. Push these numbers worldwide and the extent of financial losses due to data pilferage is, in one word, enormous.
In addition, there’s the threat of a waves of virus and malware that can affect your mobile and compromise data therein. Users could download malicious software, visit and self-inflect their mobile devices by accessing a harmful application. You never know where virus or malware resides.
If data loss or stolen data and virus/malware attacks are at one end of the spectrum, there are malicious attacks too. In the previously mentioned Ponemon Institute study, it was found that at least 30% of data breaches were backed by malicious intent.
So, what should your business do? Build a rock-solid, security policy and enforce it company-wide – that’s the least you could do.
We’ll tell you upfront: it isn’t easy to build a mobile security policy that also integrates with your network policy. As it is, it’s difficult to prevent employees from using personal mobile phones for business purposes and BYOD just made matters worse. To start with, your business can benefit from defining what data can be access through mobile phones, and how you should handle when situations arise such as lost or stolen data (or the phone itself along with the data).
We’ll dedicate an entire post to come up with a sample mobile security policy for you next week. If you want to get started, however, start with some of the Industry best practices such as using an MDM (Mobile Device Management) software, password encryption, password expiry, device swipe, data-at-rest encryption, restricted Bluetooth configuration, authentication, etc.
While next week is still far away, if you’d like our help with data recovery, Mobile Data management, network breaches, etc., please don’t hesitate to reach out to us.
714-333-9620